package com.cong.security.config;

import org.springframework.boot.web.embedded.undertow.UndertowServletWebServerFactory;
import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import io.undertow.Undertow;
import io.undertow.UndertowOptions;
import io.undertow.servlet.api.SecurityConstraint;
import io.undertow.servlet.api.SecurityInfo;
import io.undertow.servlet.api.TransportGuaranteeType;
import io.undertow.servlet.api.WebResourceCollection;
//@Configuration
public class WebServerConfiguration {

	@Bean
	public ServletWebServerFactory undertowFactory() {
		UndertowServletWebServerFactory undertowFactory = new UndertowServletWebServerFactory();

		undertowFactory.addBuilderCustomizers((Undertow.Builder builder) -> {
			// 监听80端口
			builder.addHttpListener(80, "0.0.0.0");
		});
		undertowFactory.addDeploymentInfoCustomizers(deploymentInfo -> {
			// 开启HTTP自动跳转至HTTPS:80->443
			deploymentInfo
					.addSecurityConstraint(new SecurityConstraint()
							.addWebResourceCollection(new WebResourceCollection().addUrlPattern("/*"))
							.setTransportGuaranteeType(TransportGuaranteeType.CONFIDENTIAL)
							.setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.PERMIT))
					.setConfidentialPortManager(exchange -> 8004);
		});
		return undertowFactory;
	}
}
